Radio frequency ID tags raise privacy questions

Don't take a hammer to your new U.S. passport. And don't drill a hole in that credit card or zap it in the microwave.

Experts say these measures &

recommended on some Web sites as ways to safeguard privacy and security &

aren't necessary for people concerned about the growing prevalence of Radio Frequency Identification tags.

The tiny silicon chips are embedded in credit cards, passports and other everyday items and can transmit data about where you go, what you buy and even who you are.

The devices include "smart" car keys, the no-swipe credit card on your key ring, the E-ZPass transponder on your windshield, the prescription bottle in your medicine cabinet, the shirt you buy at the mall and even the soles of your shoes.

Analysts estimate that RFID tag sales will reach more than $2.3 billion this year &

mostly in automotive, security and financial applications.

But as RFID technology spreads and grows less expensive, critics say the tags and the signals they emit are likely to be abused by people who would spy on your movements, steal your identity or even target you in a terrorist attack.

The concern has led to some paranoia &

and Web sites full of bizarre advice on avoiding RFID snoops. But authorities are beginning to listen to RFID's serious critics.

The U.S. State Department, for example, incorporated metal shielding into the covers of new passports after critics demonstrated how information from the RFID tags embedded in the documents could be read clandestinely from a distance.

Last year, California legislators enacted a law prohibiting employers from forcing their employees to implant RFID tags in their bodies.

They and lawmakers in Wisconsin and other states were spurred into action by an Ohio company that tagged employees who worked with confidential documents &

voluntarily, according to news reports.

But the real problem, critics say, is that RFID tracking is virtually invisible and undetectable by its subjects.

"A lot of this is done not only without the consumer's knowledge &

it's beyond the grasp of most consumers how it works. Nontechnical people don't know what the risks are. They just want to buy things and have their privacy and credit card numbers protected," said Avi Rubin, a Johns Hopkins University computer science professor who worked with Massachusetts researchers to crack the encryption scheme of the ExxonMobil Speedpass in 2005.

Although he and many other computer security specialists say they don't believe the tags pose a serious threat today, they are concerned about the future.

"You can look at this at two different levels: whether it's worthwhile for you as an individual to fuss with wrapping your cards in some sort of sleeve, or looking at the systemic issue: how we got to a point where these cards do make this information available remotely," said Edward W. Felton, a professor of computer science and public affairs at Princeton University, whose graduate students became famous for penetrating the security of electronic voting machines.

RFID chips are encoded with digital information that could be the inventory number for a pair of jeans, a credit card number, an employee ID or driver's license data, medical records or passport information.

When an RFID reader sends out an electromagnetic query, the RFID chip transmits the information. While the industry is selling RFID applications as diverse as radio dog-collars and fitness monitors, the technology also has spawned a tiny counter-industry of companies that produce metal-lined wallets, passport sleeves and other devices to shield RFID-enabled documents and credit cards.

Lee Tien, senior staff attorney for the San Francisco-based Electronic Frontier Foundation, said people who raise the alarm realize how it would have felt to warn the public about air pollution the day the Model T was introduced.

The EFF has opposed use of the technology on several fronts. And as a parent, Tien spoke against a proposal for an enhanced California driver's license that could broadcast the name, address, height and weight of drivers &

such as his 16-year-old daughter.

But he doesn't oppose the technology itself. "I would honestly have no problem using RFID devices if I knew I could control who was going to read them," Tien said.

Dan Mullen, president of AIM Global, a trade association representing RFID and other data collection technology manufacturers, says that most RFID tags don't contain personal information in the first place.

Even if they do, he said, personal data might be safer there than on a retailer's computer systems &

given highly publicized breaches of those servers during the past few years.

"If somebody is looking to steal personal information, there are probably richer sources" than RFID tags, he said.

(Optional add end)

Mullen said that RFID tags can enhance security, too. For example, they make it more difficult to forge documents &

such as tickets to the 2008 Olympics. He also noted that critics voiced similar complaints when the bar code was first deployed.

But RFID skeptics note several key differences between the two technologies. The most important: Unlike a bar code, an RFID tag doesn't have to be visible for a sensor to detect it.

"You're making available over the airwaves something that's previously available only through line of sight," said Hopkins' Avi Rubin.

The distance at which an RFID tag can be read varies &

from mere centimeters on no-swipe credit cards to hundreds of feet for toll-booth tags.

For many applications, Tien said, all you have to do is "follow somebody into an elevator. You're close enough."

Retailers often use RFID to manage inventory and prevent theft. But critics say the tags aren't required after consumers leave the store with their merchandise &

often unaware that the tags are still functional. The tags can be disabled, but most stores don't bother.

Promoters say retailers could keep RFID tags on clothing they've sold previously to identify regular customers as they enter a store and offer personalized service. Critics say an RFID tag embedded in a book might tell a snoop that a reader is carrying "The Communist Manifesto".

"You're no longer in control of who can know what it is you have," Tien said. "We're all for the retail industry being able to more efficiently manage their inventory.

Although credit card companies boast of their security and encryption, spokespeople for several major suppliers said there's no need to drill or microwave an RFID-enabled card.

MasterCard spokesman Chris Monteiro said customers can ask the issuer for a card that doesn't have an RFID chip &

or a referral to a card program that doesn't use them. "It's the consumer's choice, depending on their interest and concerns," he said.

American Express spokeswoman Molly Faust said her company's RFID card chips use a different number from the credit card itself. "Someone could read the chip, but they can't read the number. It's a unique code number," she said.

It's one thing to attack a credit card, but messing around with a U.S. passport can earn you a fine or a prison term.

"If you mutilate it or alter it, you're violating a federal statute," said Cy Ferenchak, a spokesman for the U.S Bureau of Consular Affairs.

He said the passport's RFID chip is encrypted and can be read only when the book is open. "The information that's on the chip is printed on the front page of the passport book itself," he added. "If you lose your passport entirely, you're probably more vulnerable than walking around with a passport with a chip in it."